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DETAILED ACTION 

1 . This is in response to the Appeal Brief filed on 29 May 2009. 

2. Claims 10, 11, 14-16, 33-35 and 37-44 are pending in the application. 

3. Claims 10, 1 1, 14-16, 33-35 and 37-44 have been allowed. 

4. Claims 1-9, 12, 13, 17-32, 36 and 45-48 have been cancelled. 

EXAMINER'S AMENDMENT 

5. An examiner's amendment to the record appears below. Should the changes and/or 
additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 
1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the 
payment of the issue fee. 

Authorization for this examiner's amendment was given in a telephone interview with 
Chris Gu on 29 July 2009. 

The application has been amended as follows: 

Claim 33. (Currently Amended) A method of comparing access control lists to configure 

a security policy on a network, the method comprising the computer-implemented steps of: 

subtracting a particular access control entry from another access control entry, wherein 
both the particular access control entry and said another control entry are two 
access control entries of multiple first access control entries and wherein the first 
access control entries, including the particular access control entry and said 
another access control entry, are all of access control entries as specified in a first 
access control list; 

identifying one or more first sub-entries in the first access control list, wherein the one or 
more first sub-entries include each of overlapping sections and non-overlapping 
sections of all of the first access control entries and wherein at least one of the one 
or more first sub-entries is derived from results of subtracting the particular access 
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control entry from said another access control entry; and 

programmatically determining whether the first access control list is functionally 
equivalent to a second access control list by determining whether each of the first 
sub-entries in the first access control list is contained by one or more entries of 
multiple second access control entries in the second access control list; 

wherein the method is performed by one or more computing devices. 

Allowable Subject Matter 

6. Claims 10, 11, 14-16, 33-35 and 37-44 are allowed. 

Conclusion 

7. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to ARAVIND K. MOORTHY whose telephone number is 
(571)272-3793. The examiner can normally be reached on Monday-Friday, 8:00-5:30. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, William R. Korzuch can be reached on 571-272-7589. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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